Mobile Wireless Security and Privacy: Research and Practice - PowerPoint PPT Presentation

1 / 27
About This Presentation
Title:

Mobile Wireless Security and Privacy: Research and Practice

Description:

Hot spot (public) Addresses. IP (Internet Protocol) MAC (Media Access Control, network card) ... How many of you use public hot spots at coffee shops, hotels, etc. ... – PowerPoint PPT presentation

Number of Views:108
Avg rating:3.0/5.0
Slides: 28
Provided by: hpcus178
Category:

less

Transcript and Presenter's Notes

Title: Mobile Wireless Security and Privacy: Research and Practice


1
Mobile Wireless Security and Privacy Research
and Practice
  • Drs. Tim Chenoweth, Robert Minch, and Sharon
    Tabor
  • Dept. of Information Technology and Supply Chain
    Management,College of Business and Economics

2
Terms . . .
  • Wi-Fi or 802.11x
  • Access Point (AP)
  • Hot spot (public)
  • Addresses
  • IP (Internet Protocol)
  • MAC (Media Access Control, network card)
  • Portable
  • Mobile
  • Roaming
  • Intra-network
  • Inter-network
  • Security security controls
  • Ports
  • Firewall
  • Malware

3
Questions of Interest
Research
Practice
Location Privacy
What constitutes location privacy?
How are users being tracked?
Security
What motivates users to protect themselves?
How safe are users?
4
Questions of Interest
Research
Practice
Location Privacy
What constitutes location privacy?
How are users being tracked?
Security
What motivates users to protect themselves?
How safe are users?
5
Questions of Interest
Research
Practice
Location Privacy
What constitutes location privacy?
How are users being tracked?
Security
What motivates users to protect themselves?
How safe are users?
6
Location Privacy Practice
  • How many ways have you been located today?

Kaupins, Gundars and Minch, Robert P. "Legal and
Ethical Implications of Employee Location
Monitoring," International Journal of Technology
and Human Interaction, Vol. 2, No. 3,
July-September 2006, pp. 16-35
7
Location Privacy Practice
  • How many ways have you been located today?
  • When I charged my gas to a credit card.
  • When I walked by the security camera at the 7-11.
  • When I carry my cell phone, turned on.
  • When I put my card in the ATM machine.
  • When I drove through a monitored intersection.
  • When I used my BroncoBucks.
  • When I signed in to BroncoWeb.
  • When I scanned my ID card to enter a room.
  • When I used my laptop computer on campus.
  • When I passed by a Bluetooth-enabled printer.

8
220,000 Cell Towers Can Find You
http//www.towermaps.com/images/nationwide5.gif
9
Millions of Wi-Fi Access Points Can Find You
http//www.cercs.gatech.edu/tech-reports/tr2006/gi
t-cercs-06-10.pdf
10
Wireless Usage Volume Over Time
11
Wireless Usage Locations Over Time
12
Wireless Users in Real Time
13
Questions of Interest
Research
Practice
Location Privacy
What constitutes location privacy?
How are users being tracked?
Security
What motivates users to protect themselves?
How safe are users?
14
Location Privacy Research
  • Privacy is the ability to control information
    about yourself
  • Location privacy is determined by location
    information
  • Gathering
  • Storage
  • Use
  • Sharing
  • Combination

Minch, Robert P. Privacy Issues in
Location-Aware Mobile Devices.  Proceedings of
the Thirty-Seventh Annual Hawaii International
Conference on System Sciences.  (IEEE Computer
Society, January 2004)
15
How Many of You Are OK With
  • Being located when calling 911?
  • Being located by friends and family?
  • Being located by your boss?
  • Being a suspect if you drove by a convenience
    store while it was robbed?
  • Getting a ticket every time you speed?
  • Having your health insurance rates rise when you
    visit a friend in a cancer clinic?

16
Questions of Interest
Research
Practice
Location Privacy
What constitutes location privacy?
How are users being tracked?
Security
What motivates users to protect themselves?
How safe are users?
17
Security Practice
  • Wireless security is largely a user problem
  • Users must protect their own machines
  • Organizations must protect against infected or
    malicious users
  • Many private APs are inadvertently insecure
  • Many public APs are deliberately insecure
  • Wireless (client) security means
  • Firewall properly installed configured
  • Protection against malware (viruses, spyware)

18
Security Practice
  • How many of you have a wireless access point at
    home?
  • How many of you have it secured with a password?
  • How many of you use public hot spots at coffee
    shops, hotels, etc.?
  • How many of you do sensitive things like
    e-banking there without safeguards?

19
Security Practice On Campus
  • 4/27/06 to 6/7/06 3331 Boise State campus
    wireless users scanned
  • 287 (9) had open ports
  • 189 of the 287 (6 of all users scanned) had at
    least one open port with significant security
    implications
  • Vulnerabilities included open ports for
  • File/print sharing
  • Remote desktop (remote control of your machine)
  • Evidence of malware included
  • Clandestine remote control
  • Keystroke logging
  • Password cracking
  • Zombies for denial of service attacks

Chenoweth, Tim Minch, Robert and Tabor,
Sharon.  "User Security Behavior on Wireless
Networks An Empirical Study." Proceedings of the
Fortieth Annual Hawaii International Conference
on System Sciences (IEEE Computer Society,
January 2007)
20
Boise State Wireless User Security
21
Questions of Interest
Research
Practice
Location Privacy
What constitutes location privacy?
How are users being tracked?
Security
What motivates users to protect themselves?
How safe are users?
22
Security Research
  • Traditional models for predicting motivating
    acceptance adoption of technology emphasize
    achieving gains.

Technology Acceptance Model
Perceived Ease of Use
Intention to Use
Actual Use
Effective Use
Perceived Usefulness
Chenoweth, Tim Minch, Robert and Tabor,
Sharon. User Security Behavior on Wireless
Networks An Empirical Study. Communications of
the ACM (under revision).
23
Security Research
  • Whats needed to predict and motivate adoption of
    security control technology might be to emphasize
    avoiding problems.

Severity
Protection Motivation Theory
Vulnerability
Intention
Actual Use
Effective Use
Response Effectiveness
Self Efficacy
Chenoweth, Tim Minch, Robert and Tabor,
Sharon. Expanding Views of Technology
Acceptance Seeking Factors Explaining Security
Control Adoption. Americans Conference on
Information Systems 2007 (under review).
24
Security Research
Hello! Dont be alarmedthis is just an
automatic message from the campus network. It
does not appear that you have a personal firewall
on your computer. Would you like to find out how
to better protect yourself? Yes (now) Later No
  • Experiential Sampling

25
Summary
  • Mobile devices are becoming ubiquitous and
    locatable
  • Users are critically affected by security and
    privacy issues, and play a key role in protecting
    themselves and others
  • Were investigating ways to help!

26
QuestionsorComments?
27
What Security Precautions Should I Take?
  • For your wireless access point at home
  • Turn on some security (WEP OK, WPA better)
  • When you use your wireless laptop
  • Connect only to known networks (SSIDs)
  • Assume the network is insecure, therefore
  • Use a VPN if your company has one
  • Use only secure web sites for sensitive purposes
  • Know that passwords, etc. may be intercepted
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Mobile Wireless Security and Privacy: Research and Practice" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!